A vulnerability categorized as critical has been discovered in Apache MINA up to 2.0.28/2.1.12/2.2.7 . This vulnerability affects the function ObjectInputStream.readProxyDesc . Such manipulation leads to deserialization. This vulnerability is documented as CVE-2026-47065 . The attack can be executed remotely. There is not any exploit available. It is advisable to upgrade the affected component.